CODEWITHSUNDEEP
apacheportwampserver
Ihidan
Ihidan

Reputation: 568

Hosting a Website at home

I am using WAMP with Apache 2.4.9 on Windows 8 64 bits. I've set up port forwarding (for port 80) on my router and set up a static IP to my computer on my network.
I can access my website from my computer and from my network. But I cannot access it externally by typing my IP on the browser URL Bar.

I believe my ISP is blocking port 80 or preventing me to host a web server. How can I avoid such blocking?

Upvotes: 0

Views: 199

Answers (2)

RiggsFolly
RiggsFolly

Reputation: 94662

There are a number of things that can catch you out while doing this, here are a few I know about.

  • You are entering your WAN ip address on a browser inside your router

  • Your ISP is actually blocking port 80

  • You are in some kind of compound/apartment block and your internet comes through a central entry point and therefore you are behind another router.

You are entering your WAN ip address on a browser inside your router

Most SOHO routers do not have the required technology i.e. loopback, to allow you to use your WAN ip address inside your router. SOLUTION: Tests should be done from outside you router i.e. Go out and use a friends internet connection to see if you can access your site, or use your phone while connected to the ISP network and not your own wifi.

Your ISP is actually blocking port 80

You can test this by changing the port number that your router is forwwarding to the PC's port 80. To do this do something like this:

Change your routers Port forwarding so that incoming port 8080 is forwarded to you local PC's port 80.

Now again use a internet connection outside your local network or your phones ISP network, and try connection to YOURIP:8080/

You are in some kind of compound/apartment block and your internet comes through a central entry point and therefore you are behind your router and another central router that you have no control over.

You can normally tell this is the case if your routers WAN ip addres is in one of these ranges i.e. a Private Network Address

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

If this is the case, you are probably not going to be able to get around this to your satisfaction. While whoever looks after this central router may claim they are not blocking port 80, of course by virtue of how a router work they are, they are just not actively blocking it. Even if you could get them to Port Forward their routers port 80 to yours, it would only ever work for you, so if 2 people wanted to do this they could not do that without adding some extra hardware to their network, and that is unlikely.

WARNING

You will see lots of advice on the web suggesting that changing this section of your httpd.conf file may cause Apache to allow you to access it from anywhere:

<Directory />
    AllowOverride none
    Require all denied
</Directory>

This section should not be changed from the above i.e. totally disallow any access.

The <Directory /> refers to the root directory of the drive that Apache is installed on.

The recomended mechanism of securing an Apache instance is to disallow any and all access to the root folder and all its subfolders, which the above syntax does. You then specifically Allow access only to the folders that Apache actually requires access to, which by default in WAMPServer should be done in this section:

<Directory "d:/wamp/www/">

 ...

</Directory>

Or in the Virtual Host definitions for each hosted site.

If you change the above to Require all allowed what you are saying is: If I get hacked, allow the hacker total access to all the folders on this drive. On unix this may not actually be so terrible as the basic ethos of unix is nobody can access anything unless authorised, so other security mechanisms may well stop access to any folder on the drive. But on Windows where the basic ethos is its your PC you can do anything you like with it this can be highly dangerous, and offers hackers a handy attack vector i.e. Apache and once they compromise Apache, this would basically give away the Crown Jewels very easily.

Upvotes: 1

Landen
Landen

Reputation: 529

Some isp's will block to prevent you from hosting. You might check with an online port scanner to see if your port 80 is a tually open and forwarding. If you know your setup is right and that your ISP is indeed blocking, you can always port forward a different port and configure apache to listen on that different port.

Upvotes: 0

Related Questions